When multiple operating systems co-exist within a computing device, a hypervisor system is needed to distribute resources to the operating systems. However, when a hypervisor system is compromised, it may distribute resources to operating systems that otherwise would not be accessible to the operating systems.
There are many ways that a hypervisor system can be compromised. For example, a legitimate hypervisor may be replaced with a corrupt hypervisor. The memory tables that the hypervisor accesses may be replaced with corrupt memory tables. A legitimate hypervisor may be modified in a way that the hypervisor improperly configures a sandbox environment for an operating system and fails to shield critical resources of the computing device from being accessed by the operating system. Also, memory stack overloading or improper input/output handling by a hypervisor can allow a malicious operating system to enter the hypervisor mode and access critical resources.
To ensure that a hypervisor system remains uncorrupted, the hypervisor system requires security protection.
The implementations will now be described with reference to the accompanying drawings. In the drawings, like reference numbers can indicate identical or functionally similar elements. Additionally, the left-most digit(s) of a reference number may identify the drawing in which the reference number first appears.